Public Key Replacement and Universal Forgery of SCLS Scheme

Executive Summary

Certificateless cryptography eliminates the need of certificates in the PKI and solves the inherent key escrow problem in the ID-based cryptography. Recently, Du and Wen proposed a Short Certificateless Signature Scheme (SCLS) without MapToPoint hash function, and the signature size is short enough with only half of the DSA signature. In this paper, after the detailing the formal of certificateless signature scheme, the authors show that the Du-Wen's short certificateless signature scheme is insecure that is broken by a type-I adversary who has the ability in replacing users' public keys and accessing to the signing oracles, and also cannot resist on the universal forgery attack for any third user.